Patrick McHardy wrote: > Its pretty certain the REJECT target, it defauls to port unreachable > and the network stack doesn't generate port unreachables for TCP. > Jordan, please post your ruleset. Yes, I have a REJECT rule for non-ESTABLISHED incoming packets on eth1. Please see this post for rules sufficient to reproducing the issue: http://lists.netfilter.org/pipermail/netfilter/2007-July/069182.html >>> 0000:01:0c.0: scatter/gather disabled. h/w checksums disabled > > > I can't find this message in the kernel tree. Which driver are you > using? It's 3c59x. -- Jordan Russell
